<?php

// Include the different user types so we can filter out unauthorized users
include("include/dbUserTypes.php");

// Include our user class
include_once("include/user.php");

// Create a variable to store our user if we're validated
$user = null;

// Check if we're in a valid session. If not, go back to main login page.
if( !isset($_SESSION['user']) || $_SESSION['user'] == null ) {
    header("location:main_login.php");
}
else {
    // Unserialize our user to turn it back into a useful object
    $user = unserialize($_SESSION['user']);
}

// If we're not an admin go back to the user redirection page
if( $user->getUserType() != $USERTYPE_ADMIN ) {
    header("location:login_success.php");
}
else
{
    // Connect to our database
    include("include/dbconnection.php");
    
    // Select all users that have a last connected time of 0 (UNIX epoch)
    // 0 is used since it would never be set as such in the user creation script
    $db_query = "SELECT 
    u.$TABLE_USERS_USERID, t.$TABLE_USERTYPE_USERDESCRIPTION, 
    u.$TABLE_USERS_USERNAME, u.$TABLE_USERS_ENTRYDATE, u.$TABLE_USERS_EMAILADDRESS 
    FROM $TABLE_USERS u 
    LEFT JOIN $TABLE_USERTYPE t ON u.$TABLE_USERS_USERTYPE = t.$TABLE_USERTYPE_USERTYPE 
    WHERE u.$TABLE_USERS_LASTCONNECTED = 0";
    
    $resultSet = mysql_query($db_query);

    // If we didn't get results, output simple message.
    // Otherwise show the new users.
    if(mysql_num_rows($resultSet) == 0)
        echo "No new registrations have taken place.";
    else
    {
        // Permit activation
        $_SESSION['activation'] = 1;
        ?>
        <table>
            <tr style="background: #FFFFFF; color: #74653D;">
                <th>User ID</th>
                <th>User Type</th>
                <th>Username</th>
                <th>Created On</th>
                <th>Email</th>
                <th>Activate</th>
            </tr>
        <?php
        // Show all the users and add an activation link.
        while( $row = mysql_fetch_array($resultSet) ) {
            ?>
            <tr>
                <td><?php echo $row[$TABLE_USERS_USERID]?></td>
                <td><?php echo $row[$TABLE_USERTYPE_USERDESCRIPTION]?></td>
                <td><?php echo $row[$TABLE_USERS_USERNAME]?></td>
                <td><?php echo date("d/m/Y", $row[$TABLE_USERS_ENTRYDATE]) ?></td>
                <td><?php echo $row[$TABLE_USERS_EMAILADDRESS]?></td>
                <td>
                    <form name="activateForm_<?php echo $row[$TABLE_USERS_USERID]?>" method="post" action="include/admin/activate.php">
                        <input name="activationID" type="hidden" value="<?php echo sha1($row[$TABLE_USERS_USERNAME].$row[$TABLE_USERS_USERID])?>"/>
                        <input name="id" type="hidden" value="<?php echo $row[$TABLE_USERS_USERID]?>"/>
                        <input name="username" type="hidden" value="<?php echo $row[$TABLE_USERS_USERNAME]?>"/>                        
                        <a href="javascript:activateForm_<?php echo $row[$TABLE_USERS_USERID]?>.submit()">Activate</a>
                    </form>
                </td>
            </tr>          
            <?php
        } // End while loop ?>
        </table>
    <?php
    } // End else statement
    
    // Close the connection
    mysql_close();
    
    
    
}


